Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 16:00:00 |
High Severity Vulnerabilities Found in HP Enterprise Devices (direct link) |
The flaws affect HP EliteBook devices and have CVSS scores between 7.5 and 8.2 |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 15:00:00 |
Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor (direct link) |
The flaws were discovered despite Harbor having implemented RBAC on most HTTP endpoints |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 10:00:00 |
Cops Raid Suspected Fraudster Penthouses (direct link) |
Gang believed to have posed as UK financial regulator |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 09:30:00 |
Ransomware Actors Embrace Intermittent Encryption (direct link) |
New technique makes for faster encryption and improved evasion |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 09:00:00 |
ICO Slams Government Departments Over FOI Failings (direct link) |
Regulator takes a harder line on enforcement |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 08:30:00 |
North Korean Lazarus Group Hacked Energy Providers Worldwide (direct link) |
The campaign was disclosed by Symantec and AhnLab but Cisco Talos is now providing more details |
|
APT 38
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 08:00:00 |
Hackers Compromise Employee Data at PVC-Maker Eurocell (direct link) |
Law firm is demanding more info from the company |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-12 08:00:00 |
Investigators Seize $30m in Stolen Crypto from North Korea (direct link) |
Funds were taken in biggest ever digital currency heist |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-11 12:30:00 |
Vulnerability in WordPress BackupBuddy Plugin Exploited By Hackers (direct link) |
Wordfence claimed to have blocked 4,948,926 attacks targeting this vulnerability |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-11 12:00:00 |
Increased Mortality Rates Linked to Cyber-Attacks Against Healthcare Organizations (direct link) |
The report also found that 89% of them experienced an average of 43 attacks in the past 12 months |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-11 08:30:00 |
Over Three-Quarters of Retailers Hit by Ransomware in 2021 (direct link) |
Figure is more than 10% higher than cross-sector average |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-09 10:37:00 |
Our Statement of Condolence - Queen Elizabeth II - 1952 - 2022 (direct link) |
We are deeply saddened by the passing of Her Majesty Queen Elizabeth II. We send our sincerest condolences to the Royal Family. |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 17:05:00 |
Rapid7 Discusses SIGMA Spectrum Infusion Pump and WiFi Battery Vulnerabilities (direct link) |
The vulnerabilities, now fixed, allowed for a potential man-in-the-middle attack |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 16:00:00 |
Over 10% of Enterprise IT Assets Found Missing Endpoint Protection (direct link) |
The document analyzes data aggregated from visibility into more than 500,000 IT assets |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 13:45:00 |
Darktrace's Share Value Plummets as Thoma Bravo Buyout Falls Through (direct link) |
The buyout fell through hours before the UK company said that millions of pounds in revenue had been wrongly recognized in this year's accounts instead of last year's |
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 13:20:00 |
Researchers Reveal New Iranian Threat Group APT42 (direct link) |
Group has been active since at least 2015 |
Threat
|
APT 42
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 09:30:00 |
The North Face Warns of Major Credential Stuffing Campaign (direct link) |
Apparel giant detects unusual activity on accounts |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 09:10:00 |
NATO-Member Albania Cut Ties With Iran Over Cyber-Attack (direct link) |
Tehran denied any link, claiming Tirana's action was “based on such baseless claims” |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-08 08:45:00 |
Ukraine Shutters Two More Russian Bot Farms (direct link) |
Facilities used to spread Russian disinformation |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-07 16:05:00 |
Japan Government Websites Hit By Cyber-Attacks, Killnet Suspected (direct link) |
The websites could not be accessed on Tuesday evening, but they were restored hours later |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-07 15:00:00 |
(Déjà vu) InterContinental Hotels Confirms Cyber-Attack After Two-Day Outage (direct link) |
IHG is assessing the nature, extent and impact of the incident and implementing response plans |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-07 09:40:00 |
UK Privacy Regulator Fines Halfords for Spam Deluge (direct link) |
Retailer sent half a million emails to people without their consent |
Spam
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-07 09:10:00 |
Authorities Take Down Prolific WT1SHOP Cybercrime Marketplace (direct link) |
Portuguese and US authorities seize website and domains |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-07 08:30:00 |
(Déjà vu) FBI K-12 Ransomware Warning as LAUSD is Hit (direct link) |
Second-largest US school district compromised over the weekend |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-06 12:00:00 |
Half of Firms Report Supply Chain Ransomware Compromise (direct link) |
Study highlights threat detection challenge for many organizations |
Ransomware
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-06 09:25:00 |
Interpol Busts Asian Sextortion Syndicate (direct link) |
Cops launched public awareness campaign in June to warn potential victims |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-06 09:15:00 |
Meta Fined $400m in Ireland For Exposing Children's Privacy Data (direct link) |
Instagram allowed children to run business accounts, which showed phone numbers and email addresses |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-06 08:40:00 |
London's Biggest Bus Operator Hit by Cyber "Incident" (direct link) |
Go-Ahead is working through its incident response plans |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-06 08:10:00 |
BlackCat Ransomware Linked to Italy's Energy Services Firm Hack (direct link) |
The ransomware group claimed to have downloaded 700GB of data from GSE |
Ransomware
Hack
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-06 07:05:00 |
Game-Related Cyber-Threats: Almost 100k Malicious Files Last Year (direct link) |
Kaspersky also observed an increase in the number of programs that can steal secrets |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-05 16:00:00 |
Keybank's Customer Information Stolen By Hackers Via Third-party Provider (direct link) |
Overby-Seawell, a firm providing multiple clients with insurance services, is alleged to have been the source of the breach |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-05 15:45:00 |
SharkBot Malware Resurfaces on Google Play to Steal Users' Credentials (direct link) |
It reportedly targets the banking credentials of Android users via apps with 60,000 installations |
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-05 15:00:00 |
EvilProxy Phishing Toolkit Spotted on Dark Web Forums (direct link) |
The tool highlights the growth in attacks against online services and MFA authorization mechanisms |
Tool
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-05 09:50:00 |
New Rules for Crypto Exchanges to Stop Sanctions Evaders (direct link) |
UK Treasury demands exchanges report suspected breaches |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-05 09:15:00 |
Samsung Reveals New US Data Breach (direct link) |
Personal info of "certain customers" was affected |
Data Breach
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-05 08:45:00 |
IRS Leaks 120,000 Taxpayers' Personal Details (direct link) |
US government still working out what went wrong |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 16:00:00 |
US Police Deployed Obscure Smartphone Tracking Tool With No Warrants (direct link) |
It would allow police to search billions of mobile device-based records, including GPS data |
Tool
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 15:45:00 |
Google Chrome Vulnerability Lets Sites Quietly Overwrite Clipboard Contents (direct link) |
The bug was discovered by developer Jeff Johnson, who detailed his findings in a blog post |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 14:00:00 |
JuiceLedger Hacker Linked to First Phishing Campaign Targeting PyPI Users (direct link) |
JuiceLedger started poisoning open-source packages as a way to target a wider audience in August |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 11:00:00 |
New Ransomware Group BianLian Activity Exploding (direct link) |
The threat actor using the common Go programming language and a custom toolkit claims twenty victims |
Ransomware
Threat
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 09:30:00 |
CISA, NSA and npm Release Software Supply Chain Guidance (direct link) |
Best practices are designed to help developers bolster security |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 09:00:00 |
Government Releases New AI Security Guidance (direct link) |
New principles set to take on adversarial machine learning |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-02 08:30:00 |
Chile and Montenegro Floored by Ransomware (direct link) |
Governments reveal system compromise in separate incidents |
Ransomware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-01 16:30:00 |
Source Code of Over 1800 Android and iOS Apps Gives Access to AWS Credentials (direct link) |
Roughly 50% of all the apps analyzed were seen using the same AWS tokens found in other apps |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-01 15:45:00 |
Ragnar Locker Ransomware Targets Energy Sector, Cybereason Suggests (direct link) |
The malware can also check if specific products are installed, particularly security software |
Ransomware
Malware
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-01 14:50:00 |
(Déjà vu) Apple Releases Update for iOS 12 to Patch Exploited Vulnerability (direct link) |
The flaw would allow the processing of maliciously crafted web content and arbitrary code execution |
Vulnerability
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-01 09:50:00 |
Standards Body Publishes Guidelines for IoT Security Testing (direct link) |
Document will help testers create benchmarks for security products |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-01 09:20:00 |
Detected Cyber-Threats Surge 52% in 1H 2022 (direct link) |
Trend Micro warns of Linux-based ransomware |
|
|
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-09-01 08:50:00 |
Microsoft Finds Account Takeover Bug in TikTok (direct link) |
Vulnerability impacted social media firm's Android app |
Vulnerability
|
|
★★★★
|
![InfoSecurityMag.webp](./Ressources/img/InfoSecurityMag.webp) |
2022-08-31 16:00:00 |
Golang-based Malware Campaign Relies on James Webb Telescope's Image (direct link) |
Initial infection begins with a phishing email containing a Microsoft Office attachment |
Malware
|
|
|